<?php
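    /*
     * Admin controller for the "taikhoan" (user account) module.
     *
     * Dispatches on $_GET['act']: list | add | edit | del | active.
     * Each branch loads its data through the Users model and then includes the
     * matching view from LT2N_VIEW_PATH.
     *
     * Security notes for maintainers:
     *  - The view path is built from $module['name'] and $act. It is safe only
     *    because both are pinned to literal values by the strict comparisons
     *    below. Do not add a fall-through branch that includes a view for an
     *    arbitrary $act.
     *  - Every redirect is followed by exit. Without it the script keeps running
     *    after a "permission denied" redirect and still queries and renders the
     *    protected view.
     *    NOTE(review): this assumes no output has been sent before this file
     *    runs, otherwise header() cannot redirect. Confirm against the front
     *    controller.
     *  - "del" and "active" change state on a plain GET request and no anti-CSRF
     *    token is checked anywhere in this file. They should move to POST with a
     *    per-session token.
     *  - How the Users model escapes the values it receives is not visible here,
     *    so the row id is cast to int before it is used in any query.
     */

    // Refuse direct access: this file must be included by the admin entry point.
    if (!defined('LT2N_ADMIN')) {
        die('bạn không có quyền truy cập');
    }

    $db = new Users();
    $module['name'] = isset($_GET['mod']) ? $_GET['mod'] : '';

    if ($module['name'] === 'taikhoan') {

        $act = isset($_GET['act']) ? $_GET['act'] : '';

        // Integer row id. The original concatenated $_GET['id'] straight into a
        // WHERE fragment, which allowed SQL injection.
        $uid = isset($_GET['id']) ? (int) $_GET['id'] : 0;

        // True for any logged-in role other than PERMISSION_USER (same test the
        // add/edit branches always used).
        $canManage = isset($_SESSION['permission']) && $_SESSION['permission'] != PERMISSION_USER;

        if ($act === '' || $act === 'list') {
            $act = 'list';
            $arr = $db->select(LT2N_PREFIX.'_users', '', 'ORDER BY `uid` ASC');
            require(LT2N_VIEW_PATH.$module["name"]."/".$act.".php");

        } elseif ($act === 'add') {

            initalize_post_var('fullname','username','birthday','address','phone','email');

            if (!$canManage) {
                header('location: index.php?mod=taikhoan&act=list&err='.ERR_NOT_PERMISSION);
                exit;
            }

            if (isset($_POST['btnAdd'])) {
                $permission  = 0; // permission = 0 => account is not active yet
                $fullname    = $_POST['fullname'];
                $username    = $_POST['username'];
                $email       = $_POST['email'];
                $password1   = isset($_POST['password1']) ? $_POST['password1'] : '';
                $password2   = isset($_POST['password2']) ? $_POST['password2'] : '';
                $birthday    = $_POST['birthday'];
                $address     = $_POST['address'];
                $phone       = $_POST['phone'];

                if ($db->user_exists($username)) {
                    $errors[] = '<div class="error" >Người dùng này đã tồn tại.</div>';
                } elseif ($db->email_exists($email)) {
                    $errors[] = '<div class="error" >Email này đã tồn tại. Vui lòng chọn địa chỉ email khác</div>';
                } elseif ($password1 !== $password2) {
                    // Strict comparison: with ==, numeric-looking strings such as
                    // "1e3" and "1000" would be treated as equal.
                    $errors[] = '<div class="error" >Mật khẩu không trùng khớp.</div>';
                } else {
                    // NOTE(security): MD5 is an unsalted, fast hash and is not
                    // suitable for password storage. It is kept only because the
                    // login code that verifies it is not visible in this file;
                    // migrate both sides together to password_hash() /
                    // password_verify().
                    $list = array(
                            'permission' => $permission,
                            'fullname'   => $fullname,
                            'password'   => md5($password1),
                            'username'   => $username,
                            'birthday'   => date("Y-m-d", strtotime($birthday)),
                            'address'    => $address,
                            'phone'      => $phone,
                            'email'      => $email
                    );

                    $db->insert(LT2N_PREFIX.'_users', $list);
                    if ($db->checkQuery() == 1) {
                        header("Location: index.php?mod=taikhoan&act=list&success=".SUCCESS_ADD);
                        exit;
                    } else {
                        $errors[] = '<div class="error" >Thêm người dùng mới thất bại.</div>';
                    }
                }
            }

            require(LT2N_VIEW_PATH.$module["name"]."/".$act.".php");

        } elseif ($act === 'edit') {

            if (!$canManage) {
                // Exit here so an unprivileged session never reaches the select
                // below, which loads the target user's record for the edit form.
                header('location: index.php?mod=taikhoan&act=list&err='.ERR_NOT_PERMISSION);
                exit;
            }

            if (isset($_POST['btnUpdate'])) {

                $fullname    = $_POST['fullname'];
                $username    = $_POST['username'];
                // NOTE(review): any role other than PERMISSION_USER can submit an
                // arbitrary permission value here, including one above its own.
                // Confirm whether only PERMISSION_ADMIN should change this field.
                $permission  = isset($_POST['permission']) ? (int) $_POST['permission'] : 1;
                $password1   = isset($_POST['password1']) ? $_POST['password1'] : '';
                $password2   = isset($_POST['password2']) ? $_POST['password2'] : '';
                $birthday    = date("Y-m-d", strtotime($_POST['birthday']));
                $address     = $_POST['address'];
                $phone       = $_POST['phone'];
                $email       = $_POST['email'];

                // Fields that are always written.
                $list = array(
                        'permission' => $permission,
                        'fullname'   => $fullname,
                        'birthday'   => $birthday,
                        'address'    => $address,
                        'phone'      => $phone,
                        'email'      => $email
                );

                // Username and password are written only when supplied. The
                // original if/elseif chain left $list undefined when both were
                // filled in, and stored md5('') as the password when both were
                // empty (its third branch was unreachable).
                if ($username != '') {
                    $list['username'] = $username;
                }
                if ($password1 != '') {
                    // NOTE(security): MD5 kept for compatibility with the login
                    // check outside this file; see the note in the add branch.
                    $list['password'] = md5($password1);
                }

                if ($password1 === $password2) {
                    $key = "`uid` = ". $uid;

                    $db->update(LT2N_PREFIX.'_users', $list, $key);
                    header("Location: index.php?mod=taikhoan&act=list&success=".SUCCESS_EDIT);
                    exit;
                }
            }

            $arr = $db->select(LT2N_PREFIX.'_users', array('uid' => $uid));
            require(LT2N_VIEW_PATH.$module["name"]."/".$act.".php");

        } elseif ($act === 'del') {

            if (isset($_SESSION['permission']) && $_SESSION['permission'] == PERMISSION_ADMIN) {

                // Compare the integer id: a value such as "5abc" no longer slips
                // past the self-delete check as a different string and then gets
                // coerced to 5 by the database.
                if ($uid != $_SESSION['login']) {
                    $db->delete(LT2N_PREFIX.'_users', array('uid' => $uid));
                    header('location: index.php?mod=taikhoan&act=list&success='.SUCCESS_DELETE);
                } else {
                    header('location: index.php?mod=taikhoan&act=list&err='.ERR_DELETE);
                }
                exit;

            } else {
                header('location: index.php?mod=taikhoan&act=list&err='.ERR_NOT_PERMISSION);
                exit;
            }

        } elseif ($act === 'active') {

            if (isset($_GET['id'])) {
                // The original activated accounts with no permission check at all.
                // NOTE(review): gated with the same role test as add/edit;
                // confirm which role is meant to approve accounts.
                if (!$canManage) {
                    header('location: index.php?mod=taikhoan&act=list&err='.ERR_NOT_PERMISSION);
                    exit;
                }

                $list = array(
                            'permission' => 1
                );

                $key = "`uid` = ". $uid;

                $db->update(LT2N_PREFIX.'_users', $list, $key);
            }

            // Accounts still waiting for activation (permission = 0).
            $arr = $db->select(LT2N_PREFIX.'_users', array('permission' => 0), 'ORDER BY `uid` ASC');
            require(LT2N_VIEW_PATH.$module["name"]."/".$act.".php");
        }

    }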


?>